Phishing Scheme Requests Confidential Employee Information

Payroll and human resources departments should beware of an email phishing scheme in which cybercriminals pose as company executives (including CEOs) and ask for confidential employee information, such as Forms W-2, Wage and Tax Statement, and employees’ Social Security numbers, address, date of birth, and salary, the IRS warned on Tuesday. Once this information has been stolen, it can be used to commit a number of crimes, including filing fraudulent tax returns to obtain refunds.

“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data. Now the criminals are focusing their schemes on company payroll departments,” IRS Commissioner John Koskinen said in a prepared statement. The fraudulent emails use what is called “spoofing,” which makes it appear the messages are from company executives, and often contain the name of the company’s CEO. Payroll departments are warned not to respond to these emails without being sure of who they are sending this information to.

The IRS says its Criminal Investigation division is reviewing several cases in which this latest variation on phishing has tricked people into supplying confidential employee information to cybercriminals.

Every year, the IRS releases a list of what it calls the worst tax scams of the year. Beginning Feb. 1 and ending on Feb. 17, the IRS issued a news release each day highlighting a scam. These “dirty dozen” scams can be encountered at any time of year, but the IRS reports that they peak during tax season.

1. Identity theft

According to the IRS, the No. 1 scam this year is tax-related identity theft, which the IRS defines as when someone uses a taxpayer’s stolen Social Security number to file a tax return claiming a fraudulent refund (IR-2016-12). Although the IRS has introduced more effective screening and detection systems that are designed to detect identity theft before it issues a refund, the Service admitted that it is still a major problem. To fight the problem more effectively, over the past year, the IRS has participated in a Security Summit initiative in partnership with states and the tax-preparation industry to try to improve security for taxpayers. The participants share information of fraudulent schemes that have been detected this filing season to provide increased protection. More than 20 data elements are used, unknown to taxpayers, to verify tax return information.

In addition, the IRS urged taxpayers to protect their own information so it is harder for thieves to breach the IRS’s security systems. These efforts at taxpayer education include the Taxes. Security. Together. campaign to help taxpayers avoid the data breaches that make it easier for them to become victims.

2. Phone scams

The second scam this year is phone scams, in which criminals call, impersonating the IRS (IR-2016-14). Many times, they disguise the number they are calling from so it appears to be the IRS or another agency calling, and they may threaten arrest, deportation, or license revocation. The scammers sometimes use IRS titles and fake badge numbers to appear legitimate and use the victim’s name, address, and other personal information, which makes the call sound official.

To protect themselves, the IRS says, taxpayers should be aware the IRS will never call to demand immediate payment, call about taxes owed without first having mailed a bill, call to demand payment without the opportunity to question or appeal, require use of a specific payment method, such as a prepaid debit card or wire transfer, ask for credit or debit card numbers over the phone, or threaten to bring in local police or other law enforcement to arrest a taxpayer for not paying.

3. Phishing

Another scam that continues to appear high on the list is “phishing,” in which taxpayers get unsolicited emails seeking financial or personal information. A taxpayer who receives a suspicious email should send it to phishing@irs.gov. “The IRS won’t send you an email about a bill or refund out of the blue,” said IRS Commissioner John Koskinen (IR-2016-15). Scam emails can also infect a computer with malware without the taxpayer’s knowing it, often enabling the criminals to access sensitive files or track keyboard strokes, exposing login information.

4. Return preparer fraud

Return preparer fraud involves “dishonest preparers who set up shop each filing season to perpetrate refund fraud, identity theft and other scams that hurt taxpayers” (IR-2016-16). The IRS warned taxpayers to be wary of “unscrupulous preparers who prey on unsuspecting taxpayers with outlandish promises of overly large refunds,” which is why the IRS says this scam makes it onto the list every year.

“Choose your tax return preparer carefully because you entrust them with your private financial information that needs to be protected,” Koskinen said. The IRS provides a number of tips for taxpayers to choose competent preparers, including checking what the preparer’s credentials are, making sure the preparer will be available after filing season, and ensuring that the taxpayer’s refund is deposited into the taxpayer’s account, not the preparer’s. The IRS recommends avoiding preparers who base their fees on a percentage of the refund or promise larger refunds than other preparers.

5. Hiding money or income offshore

Hiding money or income offshore, which is a major focus of IRS enforcement efforts, is the next tax scam the IRS addressed (IR-2016-17). “Our continued enforcement actions should discourage anyone from trying to illegally hide money and income offshore,” Koskinen said. As the IRS explained, there are legitimate reasons that taxpayers have foreign accounts, but these accounts trigger reporting requirements. The IRS offers a number of programs, including the Offshore Voluntary Disclosure Program, for taxpayers to come into compliance with these requirements. The IRS noted that the heightened reporting required under the Foreign Account Tax Compliance Act, which went into effect in 2015, makes it even harder for taxpayers to conceal assets overseas.

6. Inflated refund claims

Another scam that is closely related to return preparer fraud is inflated refund claims, in which unscrupulous preparers set up shop to lure unsuspecting taxpayers (IR-2016-18). “Be wary of tax preparers that tout outlandish refunds based on federal benefits or tax credits you’ve never heard of or weren’t eligible to claim in the past,” Koskinen said.

Inflated refund claims often involve claims for tax credits that taxpayers are not entitled to, such as education credits, the earned income tax credit (EITC), or the American opportunity tax credit. The IRS reminds taxpayers that they are responsible for what is on their return, even if someone else prepares it, and they can be assessed penalties and interest as well as additional tax.

7. Fake charities

Next on the list is fake charities. Taxpayers are cautioned to check the Exempt Organizations Select Check on the IRS’s website to determine whether a charity is bona fide and qualifies for deductible contributions (IR-2016-20). Legitimate charities should be willing to give donors their employer identification numbers, which can then be used to check whether the charities are qualified on the IRS website. Fake charities often use names similar to well-known organizations and may set up fake websites. They also can be used for identity theft purposes. When large-scale natural disasters occur, these fraudulent organizations tend to increase, the IRS reports, and it warns that taxpayers should not make any contributions without checking first.

8. Falsely padding deductions

No. 8 on the list is falsely padding deductions (IR-2016-21), which consists of deceitfully inflating deductions or expenses on the return to pay less tax or receive a bigger refund. This item is new to the dirty dozen list this year. The IRS warns taxpayers that they should “think twice” before overstating their charitable contribution expenses or padding their business expenses, as well as avoid claiming credits they are not entitled to, such as the EITC and the child tax credit. Taxpayers who do this may be subject to substantial penalties and may, in some cases, face criminal prosecution.

9. Excessive claims for business credits

The next item on the list, excessive claims for business credits, expands on last year’s “excessive claims for fuel credits” (IR-2016-22). This scam involves two specific false claims for credits: fraudulent claims for refunds of fuel excise tax and bogus claims for the research tax credit. The IRS says that its refund fraud filters are stopping a number of fraudulent fuel excise tax refunds this year.

10. Falsifying income to claim tax credits

Tenth on the list is falsifying income to claim tax credits (IR-2016-23). This usually involves falsely claiming higher earned income to qualify for the EITC, which is a refundable credit. Unscrupulous preparers often do this to get taxpayers larger refunds than they are entitled to. Even when taxpayers are unaware of these false claims, they are, as the IRS reminds again, responsible for what is on their tax return. They can be subject to significant penalties, interest, and possibly prosecution.

11. Abusive tax shelters

No. 11 is participating in abusive tax shelters (IR-2016-25). Abusive tax shelters are defined as schemes using multiple flowthrough entities to evade taxes. They often use limited liability companies, limited liability partnerships, international business companies, foreign financial accounts, offshore credit or debit cards, and multilayer transactions to conceal who owns the income or assets.

The IRS also mentions the misuse of trusts and captive insurance companies among the types of transactions taxpayers should avoid. As in some of the other scams, the IRS warns that participating in these transactions can result in significant penalties and interest and “possible criminal prosecution.” According to Koskinen, “These schemes can end up costing taxpayers more in back taxes, penalties, and interest than they saved in the first place.”

12. Frivolous tax arguments

The final “scam” is frivolous tax arguments, which the IRS warns taxpayers not to be talked into (IR-2016-27). Announcing the release today of the 2016 version of its webpage, “The Truth About Frivolous Tax Arguments,” the IRS explained how the courts and the IRS have treated these arguments, which involve claims such as that the only employees subject to income tax are employees of the federal government or that only foreign income is taxable. “Taxpayers should avoid unscrupulous promoters of false tax-avoidance arguments because taxpayers end up paying what they owe plus potential penalties and interest mandated by law,” Koskinen said. The IRS reminded taxpayers that they would automatically be subject to the $5,000 penalty for frivolous tax positions.

If you have any questions regarding this, please to not hesitate to contact Greg Gandy or Mike McDevitt at (719) 579-9090.

The IRS revealed on Tuesday that it discovered and stopped an automated cyberattack on its e-filing personal identification number (PIN) system last month. According to the IRS, the cybercriminals used information stolen “elsewhere outside the IRS” to generate e-file PINs for stolen Social Security numbers (SSNs). E-file PINs are used by some taxpayers to electronically file their tax returns.

Although no personal taxpayer data were compromised or disclosed by the breach, the IRS noted that the cybercriminals succeeded in using 101,000 SSNs to access e-file PINs (out of 464,000 attempts).

The IRS is notifying the affected taxpayers and placing tax return identity theft markers on their accounts. It is also continuing to closely monitor the Electronic Filing PIN application against further breaches.

The IRS also said it is working with other agencies and the Treasury Inspector General for Tax Administration to assess the problem and has shared information with Security Summit state and industry partners. It said the breach was not related to last week’s e-filing shutdown.

The news follows closely on last summer’s announcement that a breach of the IRS Get Transcript system resulted in the theft of some 334,000 taxpayers’ tax data (see prior coverage here).

If you have any questions regarding the IRS hack, please contact us at 719-579-9090. If you have been notified that your identity has been breached, please read here.

(KOAA; Published August 17, 2015)

WASHINGTON (AP) – The IRS says thieves used an agency website to steal tax information from as many as 220,000 additional taxpayers.

The agency first disclosed the breach in May. Monday’s revelation more than doubles the total number of potential victims, to 334,000.

The thieves accessed a system called “Get Transcript,” where taxpayers can get tax returns and other filings from previous years. In order to access the information, the IRS said the hackers already had information about the taxpayers, including Social Security numbers and dates of birth.

The IRS believes the breach was part of a sophisticated scheme to use stolen identities to claim fraudulent tax refunds in future years.

The IRS said it will begin notifying newly discovered victims in the next few days. The agency will offer credit protection.

As many of our clients have observed, IRS notices to verify payments are up astronomically this year. Why is this the case when it seems nearly impossible to communicate with an actual agent? Due to $10.9 billion in budget cuts and short-handed staffing issues, the agency has had to rely more on technology than ever before.

According to the IRS Newswire, hackers were able to breach the IRS’s Get Transcript Online service, and were able to obtain past tax return data for more than 104,000 individuals while attempting to access the information of more than 200,000 taxpayers. The tax hackers were able to obtain enough data from an outside source to allow them access without having to clear a multistep verification process. The IRS said that the data gathered would help criminals to file more credible seeming false returns that are more likely to evade IRS antifraud filters.

After learning about the hack, the IRS promptly shut down the Get Transcript Online service that is primarily used by individuals to obtain past tax data for mortgage and college applications. Because of this breach, the 200,000 affected taxpayers should have received and official IRS letter indicating that the criminals had their tax information, and the IRS would offer credit monitoring services to the 104,000 who had their data stolen.

Results from this hack were felt by millions as refund turnaround was much slower and verification notices from the IRS skyrocketed, making numerous clients nervous. Although numerous clients experienced identity theft issues this year, please note that BiggsKofford has not experienced any security breaches.

If you have any questions regarding the IRS hack, please contact us at 719-579-9090. If you have been notified that your identity has been breached, please read here.

Due to increased frequency of identity theft and fraud with both state and federal taxes, the Internal Revenue Service and Colorado Department of Revenue have implemented new processes to protect taxpayers and to increase diligence within the department. This year, we have had several clients receive letters requesting additional information and documentation from the CDOR to validate individual income tax returns.

If you receive a letter with “Request for Additional Information to Process a Refund” from the Department printed on State of Colorado official letterhead with the following address: 1375 Sherman Street, Denver, CO 80261, consider it an official document.

The letter, which requests multiple documents including prior year W-2(s), 1099(s), military LES, K-1(s), copies of identifying documents, etc., is simply a verification process that the CDOR is implementing to help prevent fraudulent income tax returns. Compliance with their request will only speed up the refund process and help to keep your identity safe.

In some cases, refunds are also being converted from direct deposit to paper check to maintain security and confidential information. If you receive a paper check and have not yet filed your individual income tax return, do not cash the check. It is important to report the information to the CDOR Fraud Hotline by calling 303-205-8338. Please also note that the IRS and the CDOR will not initiate contact with individuals through electronic communication (i.e. email, txt, or social media) to request any personal or financial data.

If you have questions or need assistance with a difficult tax-related issue, BiggsKofford is here to help. Call us at 719-579-9090 or send us an email to info@biggskofford.com.

(By: IRS Newswire, Published June 2015)

WASHINGTON—The Internal Revenue Service today reminded all taxpayers with an FBAR filing requirement to report their foreign assets by the June 30 deadline. FBAR filings have risen dramatically in recent years as FATCA phases in and other international compliance efforts have raised awareness among taxpayers with offshore assets.

The IRS encourages taxpayers with foreign assets, even relatively small amounts, to check if they have a filing requirement. Separately, certain taxpayers living abroad may also have to file the FATCA-related Form 8938 with their tax returns by the June 15 deadline. (Domestic filers may also be required to file Form 8938, which would have been due by April 15 with their tax returns.)

“The vast majority of taxpayers pay their fair share. The FBAR and FATCA filing requirements make it tougher for that relatively small number of taxpayers trying to hide assets and income offshore,” said IRS Commissioner John Koskinen. “Taxpayers are encouraged to review the rules and disclose their offshore assets.”

FBAR Requirements

FBAR refers to Form 114, Report of Foreign Bank and Financial Accounts, that must be filed with the Financial Crimes Enforcement Network (FinCEN), which is a bureau of the Treasury Department. The form must be filed electronically and is only available online through the BSA E-Filing System website.

Who needs to file an FBAR? Taxpayers with an interest in, or signature or other authority over, foreign financial accounts whose aggregate value exceeded $10,000 at any time during 2014 generally must file. For more on filing requirements, see Current FBAR Guidance on IRS.gov. Also see the one-hour webinar explaining the FBAR requirement.

The FBAR filing requirement is not part of filing a tax return. The FBAR Form 114 is filed separately and directly with FinCEN.

FBAR filings have surged in recent years, according to data from FinCEN. FBAR filings exceeded 1 million for the first time in calendar year 2014 and rose nine of the last 10 years from about 280,000 back in 2005.

FATCA Requirements

FATCA refers to the Foreign Account Tax Compliance Act. The law addresses tax non-compliance by U.S. taxpayers with foreign accounts by focusing on reporting by U.S. taxpayers and foreign financial institutions.

In general, federal law requires U.S. citizens and resident aliens to report any worldwide income, including income from foreign trusts and foreign bank and securities accounts. In most cases, affected taxpayers need to complete and attach Schedule B to their tax returns. Part III of Schedule B asks about the existence of foreign accounts, such as bank and securities accounts, and generally requires U.S. citizens to report the country in which each account is located.

In addition, certain taxpayers may also have to complete and attach to their return Form 8938 Statement of Special Foreign Financial Assets. Generally, U.S. citizens, resident aliens and certain nonresident aliens must report specified foreign financial assets on this form if the aggregate value of those assets exceeds certain thresholds. See the instructions of this form for details.

The FATCA Form 8938 requirement does not replace or otherwise affect a taxpayer’s obligation to file an FBAR Form 114. A brief comparison of the two filing requirements is available on IRS.gov.

U.S. Income Tax Obligations

U.S. citizens and resident aliens, including those with dual citizenship who have lived or worked abroad during all or part of 2014, may have a U.S. tax liability and a filing requirement in 2015.

A filing requirement generally applies even if a taxpayer qualifies for tax benefits, such as the foreign earned income exclusion or the foreign tax credit, that substantially reduce or eliminate their U.S. tax liability. These tax benefits are not automatic and are only available if an eligible taxpayer files a U.S. income tax return.

The filing deadline is Monday, June 15, 2015, for U.S. citizens and resident aliens whose tax home and abode are outside the United States and Puerto Rico, and for those serving in the military outside the U.S. and Puerto Rico, on the regular due date of their tax return. To use this automatic two-month extension, taxpayers must attach a statement to their returns explaining which of these two situations applies. See U.S. Citizens and Resident Aliens Abroad for details.

Nonresident aliens who received income from U.S. sources in 2014 also must determine whether they have a U.S. tax obligation. The filing deadline for nonresident aliens can be April 15 or June 15 depending on sources of income. See Taxation of Nonresident Aliens on IRS.gov.

More Information Available

Any U.S. taxpayer here or abroad with tax questions can refer to the International Taxpayers landing page and use the online IRS Tax Map and the International Tax Topic Index to get answers. These online tools assemble or group IRS forms, publications and web pages by subject and provide users with a single entry point to find tax information.

More information on the tax rules that apply to U.S. citizens and resident aliens living abroad can be found in, Publication 54, Tax Guide for U.S. Citizens and Resident Aliens Abroad, available on IRS.gov.

The IRS has launched new online videos and has expanded other online resources to help taxpayers, especially those living abroad, meet their U.S. tax obligations. For details see IR-2015-85 issued on June 4, 2015.

(By: Thomson Reuters, Published January 2015)

In two Fact Sheets, IRS has listed numerous ways that taxpayers can protect themselves from identity theft and the steps they should take if they find they have become victims of such fraud.

Background. IRS continues to increase its efforts against refund fraud, which includes identity theft. As a result of these aggressive efforts to combat identity theft from 2011 through October 2014, IRS has stopped 19 million suspicious returns and protected more than $63 billion in fraudulent refunds.

For 2015, IRS will continue to increase both the number and efficiency of the identity theft data models and filters that are used to identify potentially fraudulent returns. These pre-refund filters stop the vast majority of fraudulent returns. IRS also continues to expand its partnerships with financial institutions to identity and stop fraudulent refunds.

Starting January 2015, IRS also will limit the number of direct deposit refunds to a single financial account or pre-paid debit card to three. Fourth and subsequent valid refunds will convert to paper checks and be mailed to the taxpayer. The limit also will stop certain tax preparers who improperly deposit client refunds into their own accounts.

Fighting identity theft is an ongoing battle as identity thieves continue to create new ways of stealing personal information and using it for their gain. Tax-related identity theft occurs when someone uses a stolen Social Security (SS) number to file a tax return to claim a fraudulent refund. A taxpayer’s SSN can be stolen through a data breach, a computer hack or a lost wallet. Although identity theft affects a small percentage of tax returns, it can have a major impact on victims by delaying their refunds.

Protecting oneself. IRS listed a number of simple, practical steps that a taxpayer can take to avoid becoming a victim. It advised a taxpayer:

Don’t carry your Social Security card or any documents that include your SSN or Individual Taxpayer Identification Number (ITIN);

Don’t give a business your SSN or ITIN just because they ask. Give it only when required;

Protect your personal computers by using firewalls and anti-spam/virus software, updating security patches and changing passwords for Internet accounts; and

Don’t give personal information over the phone, through the mail or on the Internet unless you have initiated the contact or you are sure you know who you are dealing with.

Warning Signs. IRS provided possible indications that there has been a tax-related identity theft. It advised that a taxpayers should be on guard if he or she receive a notice from IRS or learn from their tax professional that:

More than one tax return was filed for you;

You owe additional tax, have a refund offset or have had collection actions taken against you for a year you did not file a tax return;

IRS records indicate you received more wages than you actually earned; or

Your state or federal benefits were reduced or cancelled because the agency received information reporting an income change.

Steps to take. IRS advised that all victims of tax-related identity theft should:

File a report with the local police;

File a complaint with the Federal Trade Commission (FTC) or the FTC Identity Theft hotline:

Contact one of the three major credit bureaus to place a “fraud alert’ on your account (Equifax, Experian, or TransUnion); and

Close any accounts that have been tampered with or opened fraudulently.

In addition, if a taxpayer’s SSN has been compromised and the taxpayer knows or suspects he or she may be a victim of tax-related identity theft, a taxpayer should:

Respond immediately to any IRS notice and call the number provided;

Complete IRS Form 14039, Identity Theft Affidavit. Use a fillable form at IRS’s website, print, then mail or fax according to instructions;

Continue to pay your taxes and file your tax return, even if you must do so by paper; and

If you previously contacted IRS and did not have a resolution, contact the Identity Protection Specialized Unit.

Steps IRS has taken. IRS notes that identity theft cases are among the most complex handled by IRS. It is continually reviewing processes and policies to minimize the incidence of identity theft and to help those who find themselves victimized. Among the steps underway to help victims:

The IRS Identity Protection PIN (IP PIN) is a unique six digit number that is assigned annually to victims of identity theft for use when filing their federal tax return that shows that a particular taxpayer is the rightful filer of the return.

IRS is offering certain taxpayers the opportunity to opt into the IP PIN program. These are taxpayers who may be unaware that they are identity theft victims but IRS identified them because their accounts have indications of identity theft.

IRS will continue its IP PIN pilot program that allows taxpayers who filed tax returns last year

from Florida, Georgia or the District of Columbia to opt into the IP PIN program.

This year, IRS uses an online process through its website that will allow taxpayers who have an IP PIN requirement and lose their IP PIN to create an account and receive an IP PIN online.

Victim case resolution are extremely complex cases to resolve, frequently touching on multiple issues and multiple tax years. A typical case can take 120 days to resolve, and IRS is working to streamline its internal process and reduce that time period.

Thomson Reuters/Tax & Accounting.

In case you missed yesterday’s luncheon, where The Colvert Group brought in former FBI agent, Jeff Lanza, here are a couple of handouts with great tips about how to protect yourself and your finances!